On 28-Mar-00 Stephen C. Tweedie wrote:> No. That's the whole point: we have per-task credentials. If we > went instead to have per-process credentials, with credentials shared> amongst all tasks, then every syscall which uses permissions would> have to lock the credentials structure while it is running, or risk> having credentials changing in the middle of a syscall. That's why> CLONE_CREDENTIALS would have to add a bucket of extra, slow, locking> all over the kernel. No thanks, if it can be done in user space> (which it can, albeit not very efficiently when we do a process-wide> setreuid).

Another way of dealing with this is to have local copies of the credentials ineach task, as well as the shared credentials, each with change counter. Atentry to each syscall which cares, the task can check to see if its creds areup to date and copy them from the shared creds if not. It's not wildly clean,but it is one of those cases where copying rather than sharing can simplifylocking a lot.

I guess you could do it in the library too, if you make each syscall wrappercheck the thread credential validity before entering the kernel.

J

-To unsubscribe from this list: send the line "unsubscribe linux-kernel" inthe body of a message to majordomo@vger.rutgers.eduPlease read the FAQ at http://www.tux.org/lkml/